Jones

I couldn’t wait and followed the generic directions for setting up a Slack app with an Incoming Webhook (using directions from a competitor product, no less). Assuming the payload is sent directly from the website’s plugin, I assume this won’t make a difference?

The only issue is (if I’m not mistaken) the plugin doesn’t send a Slack notification to confirm the Webhook is setup properly anyway, which is a risky process to rely on.

Hi,

Just to summarise the hacking process according to my Wordfence firewall logs:
The hacker has accessed the site using an IP based in Germany and more recently the US.
The hacker orders an item (first item added to Woocommerce?), checks out via Paypal and cancels/times-out in order to create a new registered user (with a role of “Customer”).

The hacker attempts to exploit at least 3 public vulnerabilities (since patched) which only require a user to be registered:

[redacted]

• This reply was modified 4 years, 4 months ago by Jones. Reason: Added the known IP locations of hacker server
• This reply was modified 4 years, 4 months ago by Steven Stern (sterndata).

Thanks for the info and SQL testing plug-in recommendation. I’ll have to look into it.

I think AJAX-loading. dependent-dropdowns would help. But to be honest I’m not too sure if using a flat taxonomy structure and using the posts array to find taxonomic children would be ideal in my case. If I setup a single hierarchical taxonomy with 4 levels then I believe I could load the terms I need at each level with something like this (e.g. starting with top level parent 0):

$terms = get_terms( array( 
    'taxonomy' => 'tax_name',
    'parent'   => 0
) );

My custom taxonomy is exclusive to my custom post type and I’m not too concerned if there are no relevant posts (since in my particular case this shouldn’t happen when the categories are selected in hierarchical order).

If I had a secondary taxonomy I’d like to use for a faceted search that depended upon looping through posts (e.g. manufacturer) then optionally, this could only be shown after the primary hierarchical taxonomy has been drilled down to the 3rd or 4th level (to improve uncached performance).

I don’t have much experience with WordPress yet and I was spoiled in the past with Prestashop categories, for example, since they used the Nested Set Model out-of-the-box (https://mikehillyer.com/articles/managing-hierarchical-data-in-mysql/). The catch was you would have to re-cache the nested database model every time you updated a category but it made faceted navigation more performant.

Unfortunately the data I have is pseudo-proprietary so I can’t give the data as is. I’ve created an obfuscated version where you get the exact same relationships with the same uneven loading (for example you’ll see that “BxqB7” in Category 2 is over-represented.

Thanks for your help and the great plug-in.

Yes, I have similar issues with around 15,000 terms or so.

I couldn’t find any other (free to try) module that does hierarchical filtering so I’ve separated my hierarchical taxonomy into flat taxonomies and use this module instead. Anyone tried FacetWP or is there any other module to recommend? I think maybe even Woocommerce offers hierarchical filtering (or is that flat also?) but I don’t know of any plug-in for custom taxonomies.

I’ve hacked a solution in the meanwhile. The catch is that the top level in the hierarchy might have thousands of associated taxonomies. And in my case the hierarchical distribution is uneven so even the second level may have thousands.

So to avoid 5 minute waits or memory issues I’ve hacked the archive page which I use the Beautiful Taxonomy Filters on to redirect if the first 2 flat taxonomies haven’t been set (there’s still a long wait for the second level taxonomies that are disproportionate). I’ve setup an alternate template using the ‘template_include’ filter for cases where either the first and/or second levels have not been selected, where I’ve manually added the terms from the top 2 levels as buttons to drill into. If the 2 top levels have been set I load the normal archive and use javascript on the front-end to prevent an everyday user from changing these dropdowns, but this is obviously not ideal (and it’s a complicated override with jQuery.propHooks.disabled and timeouts to play nicely with BTF).

Since I have so many terms that are also interconnected, caching alone wouldn’t be the solve-all solution since a lot of redundant data would be sent to users every time the page first loads (and the server would run out of memory before it has a chance to cache anything in the first instance). With my existing redirect and javascript hack though caching would still be very useful (I was going to hack BTF to use Transients, at least for the first 2 levels in my case – don’t know if caching is essential in my case once I’ve drilled down to the third level).

P.S. I haven’t checked the code yet but hide empty terms only works on the front-end but still loads the terms, right?